Skip to content

Commit

Permalink
identity: tweak token validation log levels (linkerd#12187)
Browse files Browse the repository at this point in the history
Currently, when an invalid token has been provided by the proxy 
to the destination's `Certify` method, the error is logged at the debug
level. We change that to INFO to make it more visible.

Signed-off-by: Zahari Dichev <zaharidichev@gmail.com>
  • Loading branch information
zaharidichev authored and GrigoriyMikhalkin committed Mar 10, 2024
1 parent 563b9ca commit a96df36
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkg/identity/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@ func (svc *Service) Certify(ctx context.Context, req *pb.CertifyRequest) (*pb.Ce
}
var ite InvalidToken
if errors.As(err, &ite) {
log.Debugf("invalid token provided for %s: %s", reqIdentity, ite)
log.Infof("invalid token provided for %s: %s", reqIdentity, ite)
return nil, status.Error(codes.InvalidArgument, ite.Error())
}

Expand All @@ -222,7 +222,7 @@ func (svc *Service) Certify(ctx context.Context, req *pb.CertifyRequest) (*pb.Ce
if reqIdentity != tokIdentity {
msg := fmt.Sprintf("requested identity did not match provided token: requested=%s; found=%s",
reqIdentity, tokIdentity)
log.Debug(msg)
log.Info(msg)
return nil, status.Error(codes.FailedPrecondition, msg)
}

Expand Down

0 comments on commit a96df36

Please sign in to comment.